Re-generate nordigen token (#156)

This PR fixes the regeneration Nordigen token when it expires.

https://github.com/actualbudget/actual/issues/724

package.json

@@ -22,6 +22,7 @@
     "express": "4.18.2",
     "express-actuator": "1.8.4",
     "express-response-size": "^0.0.3",
+    "jws": "^4.0.0",
     "nordigen-node": "^1.2.3",
     "uuid": "^9.0.0"
   },

src/app-nordigen/services/nordigen-service.js

@@ -14,6 +14,7 @@ import {
 import * as nordigenNode from 'nordigen-node';
 import * as uuid from 'uuid';
 import config from '../../load-config.js';
+import jwt from 'jws';
 
 const NordigenClient = nordigenNode.default;
 const nordigenClient = new NordigenClient({
@@ -50,10 +51,21 @@ export const nordigenService = {
    * @returns {Promise<void>}
    */
   setToken: async () => {
-    if (!nordigenClient.token) {
+    const isExpiredJwtToken = (token) => {
+      const decodedToken = jwt.decode(token);
+      if (!decodedToken) {
+        return true;
+      }
+      const payload = decodedToken.payload;
+      const clockTimestamp = Math.floor(Date.now() / 1000);
+      return clockTimestamp >= payload.exp;
+    };
+
+    if (isExpiredJwtToken(nordigenClient.token)) {
+      // Generate new access token. Token is valid for 24 hours
+      // Note: access_token is automatically injected to other requests after you successfully obtain it
       const tokenData = await client.generateToken();
       handleNordigenError(tokenData);
-      nordigenClient.token = tokenData.access;
     }
   },
 
@@ -459,4 +471,6 @@ export const client = {
       accountSelection,
     }),
   generateToken: async () => await nordigenClient.generateToken(),
+  exchangeToken: async ({ refreshToken }) =>
+    await nordigenClient.exchangeToken({ refreshToken }),
 };

yarn.lock

@@ -1381,6 +1381,7 @@ __metadata:
     express-actuator: 1.8.4
     express-response-size: ^0.0.3
     jest: ^29.3.1
+    jws: ^4.0.0
     nordigen-node: ^1.2.3
     prettier: ^2.8.3
     supertest: ^6.3.1
@@ -1766,6 +1767,13 @@ __metadata:
   languageName: node
   linkType: hard
 
+"buffer-equal-constant-time@npm:1.0.1":
+  version: 1.0.1
+  resolution: "buffer-equal-constant-time@npm:1.0.1"
+  checksum: 80bb945f5d782a56f374b292770901065bad21420e34936ecbe949e57724b4a13874f735850dd1cc61f078773c4fb5493a41391e7bda40d1fa388d6bd80daaab
+  languageName: node
+  linkType: hard
+
 "buffer-from@npm:^1.0.0":
   version: 1.1.2
   resolution: "buffer-from@npm:1.1.2"
@@ -2253,6 +2261,15 @@ __metadata:
   languageName: node
   linkType: hard
 
+"ecdsa-sig-formatter@npm:1.0.11":
+  version: 1.0.11
+  resolution: "ecdsa-sig-formatter@npm:1.0.11"
+  dependencies:
+    safe-buffer: ^5.0.1
+  checksum: 207f9ab1c2669b8e65540bce29506134613dd5f122cccf1e6a560f4d63f2732d427d938f8481df175505aad94583bcb32c688737bb39a6df0625f903d6d93c03
+  languageName: node
+  linkType: hard
+
 "ee-first@npm:1.1.1":
   version: 1.1.1
   resolution: "ee-first@npm:1.1.1"
@@ -3960,6 +3977,27 @@ __metadata:
   languageName: node
   linkType: hard
 
+"jwa@npm:^2.0.0":
+  version: 2.0.0
+  resolution: "jwa@npm:2.0.0"
+  dependencies:
+    buffer-equal-constant-time: 1.0.1
+    ecdsa-sig-formatter: 1.0.11
+    safe-buffer: ^5.0.1
+  checksum: 8f00b71ad5fe94cb55006d0d19202f8f56889109caada2f7eeb63ca81755769ce87f4f48101967f398462e3b8ae4faebfbd5a0269cb755dead5d63c77ba4d2f1
+  languageName: node
+  linkType: hard
+
+"jws@npm:^4.0.0":
+  version: 4.0.0
+  resolution: "jws@npm:4.0.0"
+  dependencies:
+    jwa: ^2.0.0
+    safe-buffer: ^5.0.1
+  checksum: d68d07aa6d1b8cb35c363a9bd2b48f15064d342a5d9dc18a250dbbce8dc06bd7e4792516c50baa16b8d14f61167c19e851fd7f66b59ecc68b7f6a013759765f7
+  languageName: node
+  linkType: hard
+
 "kleur@npm:^3.0.3":
   version: 3.0.3
   resolution: "kleur@npm:3.0.3"